From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 0B0D2138359 for ; Fri, 20 Nov 2020 15:10:35 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 01870E0815; Fri, 20 Nov 2020 15:10:34 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id DC76DE0815 for ; Fri, 20 Nov 2020 15:10:33 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 7B67C340997 for ; Fri, 20 Nov 2020 15:10:32 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id BCF77453 for ; Fri, 20 Nov 2020 15:10:30 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1605885026.5fe4d21bad106b44dc1cb67113a630bd242ab21c.sam@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: app-crypt/swtpm/ X-VCS-Repository: repo/gentoo X-VCS-Files: app-crypt/swtpm/Manifest app-crypt/swtpm/swtpm-0.5.1.ebuild X-VCS-Directories: app-crypt/swtpm/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: 5fe4d21bad106b44dc1cb67113a630bd242ab21c X-VCS-Branch: master Date: Fri, 20 Nov 2020 15:10:30 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: ada5fdb1-a1c9-41a9-9133-ee17d4810945 X-Archives-Hash: f173c598cc03742f94edb836ed831d51 commit: 5fe4d21bad106b44dc1cb67113a630bd242ab21c Author: Salah Coronya gmail com> AuthorDate: Wed Nov 18 23:44:37 2020 +0000 Commit: Sam James gentoo org> CommitDate: Fri Nov 20 15:10:26 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5fe4d21b app-crypt/swtpm: Bump to 0.5.1 to fix CVE-2020-28407 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Signed-off-by: Salah Coronya gmail.com> Signed-off-by: Sam James gentoo.org> app-crypt/swtpm/Manifest | 1 + app-crypt/swtpm/swtpm-0.5.1.ebuild | 94 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 95 insertions(+) diff --git a/app-crypt/swtpm/Manifest b/app-crypt/swtpm/Manifest index 3a8b2fa15a3..eeda254b690 100644 --- a/app-crypt/swtpm/Manifest +++ b/app-crypt/swtpm/Manifest @@ -1 +1,2 @@ DIST swtpm-0.5.0.tar.gz 309011 BLAKE2B 3977acef1e68adca82ed5b51adb5f8787f6eb874ee16768b5b4bbbb13b043f8a39f534b2aa99ef92fb1608f0c4c805b51bb8fbc83297b71afcec2d99faff03d9 SHA512 ba7dafc9a9ddd28252615028a45fe3e68efd12df948c1e8ec938caabb840406a7a1935e1e4a6e1b6b8848bee08450673138dc5a0d63f0447f5e0e07350e4aed7 +DIST swtpm-0.5.1.tar.gz 309464 BLAKE2B 630a9add9a17e016f0158666bd3f4eafa773b7a2645820346d5f2847023310f8df4c2491184c5f5d02a83aa2bb53f8c266e5f2a6b07ab92502f08c7f1fa697ea SHA512 8a034b1da916797b9869a4ff478a4c7093b1343ce2556054d2228214520f0e2a63a1d69709bf2cc62fe45710dd9a41c0eee488af9396e8baf8099e697593638c diff --git a/app-crypt/swtpm/swtpm-0.5.1.ebuild b/app-crypt/swtpm/swtpm-0.5.1.ebuild new file mode 100644 index 00000000000..afdecc396ec --- /dev/null +++ b/app-crypt/swtpm/swtpm-0.5.1.ebuild @@ -0,0 +1,94 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{7,8,9} ) + +inherit autotools distutils-r1 + +DESCRIPTION="Libtpms-based TPM emulator" +HOMEPAGE="https://github.com/stefanberger/swtpm" +SRC_URI="https://github.com/stefanberger/swtpm/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64" +IUSE="fuse gnutls libressl seccomp test" + +RESTRICT="!test? ( test )" + +COMMON_DEPEND=" + fuse? ( + dev-libs/glib:2 + sys-fs/fuse:0 + ) + gnutls? ( + dev-libs/libtasn1:= + >=net-libs/gnutls-3.1.0[tools] + ) + !libressl? ( + dev-libs/openssl:0= + dev-libs/libtpms[-libressl] + ) + libressl? ( + dev-libs/libressl:0= + dev-libs/libtpms[libressl] + ) + seccomp? ( sys-libs/libseccomp ) +" + +DEPEND="${COMMON_DEPEND} + test? ( + net-misc/socat + dev-tcltk/expect + ${PYTHON_DEPS} + ) +" + +RDEPEND="${COMMON_DEPEND} + acct-group/tss + acct-user/tss + dev-python/cryptography[${PYTHON_USEDEP}] +" + +PATCHES=( + "${FILESDIR}/${PN}-0.5.0-fix-localca-path.patch" + "${FILESDIR}/${PN}-0.5.0-build-sys-Remove-WError.patch" +) + +src_prepare() { + use test || eapply "${FILESDIR}/${PN}-0.5.0-disable-test-dependencies.patch" + default + eautoreconf + eautomake +} + +src_configure() { + econf \ + --disable-static \ + --with-openssl \ + --without-selinux \ + $(use_with fuse cuse) \ + $(use_with gnutls) \ + $(use_with seccomp) +} + +src_compile() { +# We want the default src_compile, not the version distutils-r1 exports + default +} + +src_install() { + default + python_foreach_impl python_optimize + fowners -R tss:root /var/lib/swtpm-localca + fperms 750 /var/lib/swtpm-localca + keepdir /var/lib/swtpm-localca + find "${D}" -name '*.la' -delete || die +} + +src_test() { +# We want the default src_test, not the version distutils-r1 exports + default +}